At the upcoming monsoon session of the Parliament in July 2022, the Union government will table the draft Data Protection Bill, 2021 for discussion. The Data Protection Bill will bring sweeping changes to the digital landscape in India, and is poised to be the start of a new data regime in India.
The proposed Bill is framed as a bulwark against the excesses of Big Tech and a roadmap for companies to navigate the evershifting digital landscape. However, the bill has been subject to criticism of what some critics see as an encroachment on civil rights, excessive governmental power, and not enough provisions to provide for true online privacy.
To better understand the Data Protecton Bill and to grasp its nuances and critiques, there will be a series of seven sessions covering the various aspects of the Bill - the landscape and contours of the emerging data protection regime in India; the structure of the Data Protection Authority (DPA) and how this will impact compliance; responsibility and ethics towards children - and such topics. Members of legal, privacy, risk and compliance, and product teams from startups, mid-sized companies, and enterprises will participate on these panels to share practical perspectives.
July 2018 - Submission of draft Personal Data Protection Bill, 2018 by committee chaired by retired Supreme Court judge Justice B. N. Srikrishna.
9th December 2019 - Bill approved by the cabinet ministry of India as the Personal Data Protection Bill 2019
11 December 2019 (PDP 2019) - Tabled in the Lok Sabha. Motion to reference the bill to a joint committee.
December 2021 - The Joint Parlimentary Committee (JPC) Report is released, with changes to the bill. Renamed to the Data Protection Bill 2021 (DPB) and criticised for not addressing major concerns of the PDP 2019
To understand the impact of the Data Protection Bill 2021, Privacy Mode’s research team is conducting in-depth interviews with founders, CTOs, legal teams and product teams of small, medium and large organizations. The purpose of this survey is to understand how organizations view the impact of the Data Protection Bill on innovation, investment and growth, and on operational and compliance aspects. A report from the survey will be published in August 2022.
Exemptions of the Data protection Bill
Despite having the clearly stated goal of protecting the private data of its citizens, under the Data Protection Bill, the Central Government can exempt itself and any agencies it deems necessary to collect and process the personal data of citizens for various purposes.
Given the possibility of abuse of power, governmental overreach and knockoff effects in other sectors it is worth having an open discussion on what this means for the future of citizens and their rights.